<?php

	include_once('Commons.php');
	include_once('AlbumCommons.php');
	
	$action = param('ac');
	$id = param('id');
	
	$currentUser = getCurrentUser();
	
	header("Content-type:text/html;charset=utf-8");
	
	if ( $action=='deletePhoto' )
	{
		$sql = "SELECT p.id,a.path,u.username
				FROM photo p
				JOIN album a ON a.id=p.album
				JOIN user u ON u.id=a.user
				WHERE p.id=$id
				AND u.id=${currentUser[id]};";
		
		$rh = query($sql);
		
		if ( mysql_num_rows($rh) )
		{
			list($id, $path, $username) = mysql_fetch_array($rh);
			
			deletePhoto($id);
			
			redirect( formatUrl("/albums/$username/$path/") );
		}
	}
	else if ( $action=='createAlbumForm' )
	{
		$photoId = param('photo');
		
		if ( $photoId )
		{
			$sql = "SELECT *
					FROM photo
					WHERE id=$photoId
					AND user=${currentUser[id]};";
					
			$photoInfo = mysql_fetch_assoc(query($sql));
		}
		
		include('AlbumViews/AlbumCreate.php');
		
	}
	else if ( $action=='deleteAlbum' )
	{
		$sql = "SELECT a.id,u.username
				FROM album a
				JOIN user u ON u.id=a.user
				WHERE a.id=$id
				AND u.id=${currentUser[id]};";
		
		$rh = query($sql);
		
		if ( mysql_num_rows($rh) )
		{
			list($id, $username) = mysql_fetch_array($rh);
			
			deleteAlbum($id);
			
			redirect( formatUrl("/albums/$username/") );
		}
	}
	else if ( $action=='movePhoto' )
	{
		$album = param('album');
		$photo = param('photo');
		
		$sql = "SELECT id FROM album WHERE id=$album AND user=${currentUser[id]};";
		$rh = query($sql);
		if ( mysql_num_rows($rh)==0 )
			exit();
		
		$sql = "SELECT id FROM photo WHERE id=$photo AND user=${currentUser[id]};";
		$rh = query($sql);
		if ( mysql_num_rows($rh)==0 )
			exit();
		
		$sql = "UPDATE photo SET album=$album WHERE id=$photo;";
		query($sql);
		
		exit();
	}
	else if ( $action=='albumOverview' )
	{
		$currentAlbumId = param('albumId');
		$currentUserId = param('userId');
		
		$albums = getUserAlbums($currentUserId);
		$albumUser = getUserById($currentUserId);
		
		$hasWritePermission = $currentUserId==$currentUser['id'];
		
		require('AlbumViews/AlbumPhotoOverview.php');
		
		exit();
	}
	else if ( $action=='renameAlbum' )
	{
		$aid = param('album');
		$name = param('name');
		
		$error = checkAlbumName($name, $currentUser['id'], $aid);
		
		if ( empty($error) )
		{
			renameAlbum($aid, $name);
			
			print 'location:'. formatUrl("/albums/${currentUser[username]}/". formatWords($name) ."/");
		}	
		else
			print "<span><img src='/Images/cancel.png' alt='error' />". $error ."</span>";
	}
	else if ( $action=='renamePhoto' )
	{
		$pid = param('photo');
		$name = param('name');
		
		$error = checkPhotoName($name, $pid);
		
		if ( empty($error) )
		{
			renamePhoto($pid, $name);
			
			print 'location:'. formatUrl( formatWords($name) .".html" );
		}	
		else
			print "<span><img src='/Images/cancel.png' alt='error' />". $error ."</span>";
	}
	else if ( $action=='createAlbum' )
	{
		$name = param('name');
		$photo = param('photo');
		
		$error = checkAlbumName($name, $currentUser['id'], 0);
		
		if ( empty($error) )
		{
		
			if ( ! empty($photo) )
			{
				$sql = "SELECT *
						FROM photo
						WHERE id=$photo
						AND user=${currentUser[id]};";
				
				if ( mysql_num_rows(query($sql))==0 )
					exit();
			
				$albumId = createAlbum($currentUser['id'], $name);
				$sql = "UPDATE photo SET album=$albumId WHERE id=$photo;";
				query($sql);
			}
			else
			{
				createAlbum($currentUser['id'], $name);
			}
			
			print 'location:'. formatUrl("/albums/${currentUser[username]}/". formatWords($name) ."/");
		}	
		else
			print "<span><img src='/Images/cancel.png' alt='error' />". $error ."</span>";
	}
	else if ( $action=='checkAlbumName' )
	{
		$aid = param('album');
		$name = param('name');
		
		$error = checkAlbumName($name, $currentUser['id'], $aid);
		
		if ( empty($error) )
			print "&nbsp;";
		
		else
			print "<span><img src='/Images/cancel.png' alt='error' />". $error ."</span>";
	}
	else if ( $action=='checkPhotoName' )
	{
		$pid = param('photo');
		$name = param('name');
		
		$error = checkPhotoName($name, $pid);
		
		if ( empty($error) )
			print "&nbsp;";
		
		else
			print "<span><img src='/Images/cancel.png' alt='error' />". $error ."</span>";
	}
	else if ( $action=='setAlbumDescription' )
	{
		$aid = param('album');
		$description = param('description');
		
		$album = getAlbumById($aid);
		
		if ( $album['user']==$currentUser['id'] )
			setAlbumDescription($aid, $description);
			
		print formatText($description);
	}
	else if ( $action=='setPhotoDescription' )
	{
		$pid = param('photo');
		$description = param('description');
		
		$photo = getPhotoById($pid);
		
		if ( $photo['user']==$currentUser['id'] )
			setPhotoDescription($pid, $description);
			
		print formatText($description);
	}
	elseif ( $action=='showRenameAlbumForm' )
	{
		$albumInfo = getAlbumById( param('album') );
		
		require("AlbumViews/RenameAlbumForm.php");
	}
	elseif ( $action=='showRenamePhotoForm' )
	{
		$photoInfo = getPhotoById( param('photo') );
		
		require("AlbumViews/RenamePhotoForm.php");
	}
	elseif ( $action=='showAlbumView' )
	{
		$userId = param('user');
		
		$albumUser = getUserById($userId);
		$albums = getUserAlbums($albumUser['id']);
		
		$hasWritePermission = $albumUser['id']==$currentUser['id'];
		
		require('AlbumViews/UserAlbumsView.php');
	}
	elseif ( $action=='showPhotoView' )
	{
		$albumId = param('album');
		
		$albumInfo = getAlbumById($albumId);
		$albumUser = getUserById($albumInfo['user']);
		$photoAlbum = selectQuery("	SELECT p.*
									FROM photo p
									WHERE p.album=${albumInfo[id]}
									ORDER BY p.id DESC;");
		
		$hasWritePermission = $albumUser['id']==$currentUser['id'];
		
		require('AlbumViews/AlbumPhoto.php');
	}
	
	function checkAlbumName($name, $userId, $albumId)
	{
		global $currentUser;
		
		if ( empty($name) )
			return getTerm('albums', 'empty_album_name');
		
		if ( ! isValidAlbumName($name) )
			return getTerm('albums', 'invalid_name');

		$similarAlbum = getAlbumByUserAndName($userId, $name);
		if ( $similarAlbum && ( empty($albumId) || $similarAlbum['id']!=$albumId) )
			return fill( getTerm('albums', 'similar_album_name') , $name);
			
		if ( ! empty($albumId) )
		{
			$album = getAlbumById($albumId);
			
			if ( $album['user']!=$currentUser['id'] )
				return getTerm('albums', 'not_your_album');
		}
	}
	
	function checkPhotoName($name, $photoId)
	{
		global $currentUser;
		
		if ( empty($name) )
			return getTerm('albums', 'empty_photo_name');
		
		if ( ! isValidPhotoName($name) )
			return getTerm('albums', 'invalid_name');
			
		$photo = getPhotoById($photoId);
		
		if ( $photo['user']!=$currentUser['id'] )
			return getTerm('albums', 'not_your_photo');

		$similarPhoto = getPhotoByAlbumAndName($photo['album'], $name);
		if ( $similarPhoto && ( empty($photoId) || $similarPhoto['id']!=$photoId) )
			return fill( getTerm('albums', 'similar_photo_name') , $name);
	}

?>